The years are passing by, and it´s christmas vacation time again.
I was playing a lot with ruby the past years, and i was in need of a pastebin service with an API for my bot.
So… i simply created one myself, within a few hours, using good old RubyOnRails.

The project named "railsbin" is open source, but has a few security problems.
Can you exploit the demo site?
The solution is the password hash of user solution.